Security starts with architecture
Help Net Security
Sashank Purighalla, CEO, BOS Framework
The battle against hackers and threats is an arms race against highly motivated opponents, and with the number of attacks and threats continually growing, it’s impossible to achieve security by simply patching up a broken architecture with single, niche tools.
The way security groups are typically structured to defend against and respond to threats is similarly flawed. There is an invariable disconnect between where and how security policies are framed, security is enforced, and security is audited. While security officers are responsible for ensuring the integrity of security platforms, they are not the ones charged with developing the security solution to protect them.
They are also not the ones who are able to ensure that the system’s design and development are in complete conformance with the security policy. That is in the hands of the developers and DevOps teams, who can only attempt to solve issues on a case-by-case basis. This leads to...